kankanamge/iversauth
Laravel auth middleware/service provider to authenticate users via the Ivers authentication site. Install with Composer, register AuthServiceProvider, replace the default auth middleware, publish config, and set your Ivers app/site URL (avoid using /login).
Installation
composer require kankanamge/iversauth
Register Service Provider
Add \Kankanamge\IversAuth\AuthServiceProvider::class to config/app.php under 'providers'.
Override Auth Middleware
Replace 'auth' => \Illuminate\Auth\Middleware\Authenticate::class with:
'auth' => \Kankanamge\IversAuth\AuthenticateMiddleware::class,
in app/Http/Kernel.php.
Publish Config
php artisan vendor:publish --provider="Kankanamge\IversAuth\AuthServiceProvider"
Configure config/ivers_auth.php with your Ivers Auth app credentials (client ID, secret, callback URL).
First Use Case Redirect users to Ivers Auth for login:
Route::get('/login', function () {
return \Kankanamge\IversAuth\Facades\IversAuth::redirectToIversAuth();
});
The package handles the OAuth flow and redirects back to your app after authentication.
OAuth Flow Integration
\Kankanamge\IversAuth\Facades\IversAuth for all auth operations.return IversAuth::redirectToIversAuth();
/ivers-auth/callback is routed to the package’s controller).User Data Fetching After successful auth, fetch user data:
$user = IversAuth::getUser();
// Manually create/update Laravel user if needed
Protected Routes
Use the auth middleware (now AuthenticateMiddleware) to guard routes:
Route::get('/dashboard', function () {
return "Welcome!";
})->middleware('auth');
Session Management The package manages sessions via Ivers Auth’s OAuth tokens. Avoid manual session handling unless extending functionality.
users table (e.g., via Auth::loginUsingId()).AuthServiceProvider to bind a custom user resolver:
public function boot()
{
$this->app['auth']->viaRequest('ivers', function ($request) {
return \App\Models\CustomUser::where('ivers_id', $request->user()->id)->first();
});
}
Route::get('/logout', function () {
return IversAuth::logout();
});
No /login Route
The README warns against routing to /login. Instead, use a custom route (e.g., /auth/ivers) and call redirectToIversAuth().
Missing User Sync The package only handles OAuth. You must manually link Ivers Auth users to your Laravel users table. Example:
$iversUser = IversAuth::getUser();
$localUser = User::firstOrCreate(
['email' => $iversUser->email],
['name' => $iversUser->name, 'ivers_id' => $iversUser->id]
);
Auth::login($localUser);
Callback URL Mismatch
Ensure the callback_url in config/ivers_auth.php matches the route handling the OAuth callback (default: /ivers-auth/callback). Mismatches cause silent failures.
Token Expiry
Ivers Auth tokens expire. The package does not auto-refresh tokens. Implement a refreshToken method or use Laravel’s Auth::onceUsingId() for temporary sessions.
GuzzleHttp exceptions (common for invalid credentials or callback URLs).config/ivers_auth.php has valid client_id, client_secret, and redirect_url.AuthenticateMiddleware is properly registered in Kernel.php. Test with:
Route::get('/test-auth', function () {
dd(auth()->check()); // Should return true if authenticated
})->middleware('auth');
Custom User Provider
Override the default user provider in AuthServiceProvider:
public function boot()
{
$this->app['auth']->provider('ivers', function ($app) {
return new \Kankanamge\IversAuth\IversUserProvider($app['config']['ivers_auth']);
});
}
Post-Auth Hooks
Add logic after successful auth in a service provider’s boot():
IversAuth::afterAuth(function ($user) {
event(new UserLoggedIn($user));
});
Token Storage Extend the package to store tokens in the database for persistence:
IversAuth::setTokenStorage(function ($token) {
Token::updateOrCreate(
['user_id' => auth()->id()],
['access_token' => $token->accessToken]
);
});
Fallback Auth Combine with Laravel’s default auth for hybrid flows:
if (auth()->check()) {
// User is logged in via Ivers Auth or local auth
}
How can I help you explore Laravel packages today?